GÉANT VOPaaS: Towards a platform for supporting collaboration
Marina Adomeit, Activity Leader of SA for T&I services, AMRES, Serbia
Mandeep Saini, VOPaaS Product Manager, GÉANT, U.K.
Niels van Dijk, VOPaaS Technical Product Manager, SURFnet, The Netherlands
TNC16 Conference, Prague, 14.06.2016
Networks ∙ Services ∙ People www.geant.org

Outline
• Introduction
• Problem statement
• VOPaaS offering
• Our roadmap
• How to join us?

GÉANT and Trust & Identity
• The GÉANT project is Europe's leading collaboration on e-infrastructure and services for the benefit of research and education.
• eduGAIN interconnects R&E identity federations around the world.
• In order to support the uptake of federated technologies and enable more communities to use eduGAIN, GÉANT initiated a task to develop and offer federation supporting services.
• The first service developed in this family was Federation as a Service (FaaS), aimed at supporting federation operators.

Collaborative Organisations
• An organisation of people and resources, spread across different organisations in multiple geographical locations.
• In order for collaborative organisations to work together, it is essential to enable a group of people to access and share a set of resources.
• Access to resources (or services) often needs to be managed and requires authentication and authorization.

Federated Identity Stakeholders
• With federated authentication:
  • The home organisation operates an Identity Provider (IdP)
  • Allows authentication towards a Service Provider (SP)
• Identity federations
  • E.g. InCommon or SURFconext
  • Provide trust and technology frameworks between SPs and IdPs
• Inter-federation
  • E.g. eduGAIN
  • Interconnects national identity federations
  • Successfully addresses authentication in a heterogeneous environment
• Collaborative organisation
  • Typically operates a number of SPs
  • Many VOs have chosen to build their AAI infrastructure using eduGAIN
• Identity federations and identity providers are, however, traditionally focused on campus use cases, which introduces a number of challenges in leveraging federated AAI for collaborative organisations.

Challenges for Collaborative Organisations
• Challenges in the authentication space
  • Collaborative organisations work with people outside the scope of R&E communities as well
  • This requires collaborative organisations to peer with other, non-R&E identity providers (such as social identity providers) or to maintain an additional identity provider
• Challenges in the authorization space
  • Services run by collaborative organisations often need attribute or group related information in the context of their collaboration, which is not issued by identity providers
  • This requires collaborative organisations to manage and provide additional attributes and groups towards their services, independently from the identity provider

VO Platform as a Service - VOPaaS
• Goal
  • Investigate the conditions that would allow GÉANT to provide services to support collaborative organisations
  • Focus on delivery of technical services
  • Out of scope:
    • Technical development
    • Policy & LoA development
• Activities
  • Gather requirements and priorities with/from communities
  • Look at existing tools and technologies
  • Look into the delivery model
  • Investigate business case & sustainability
  • Pilot with communities
  • Operations and market

VOPaaS Market Analysis
• The FIM4R paper (April 2012) was one of the first to articulate collective requirements for using federated AAI for VOs.
• VOPaaS has performed a survey among several small and large pan-European VOs to (re-)validate the FIM4R requirements.

VOPaaS Market Analysis Results

Deployment model
• From the results of this survey, functional requirements were analysed and a number of services were proposed to be put in place: http://www.geant.org/Projects/GEANT_Project_GN4-1/deliverables/D92_Market-Analysis-for-Virtual-Organisation-Platform-as-a-Service.pdf
• Basic Services
  • Offered to "smaller" collaborative organisations with generic AAI requirements
  • Operated by GÉANT
  • Multi-tenant service
  • Also for VOs that are not legal entities
• Advanced Services
  • Aimed at "larger" collaborative organisations with advanced AAI requirements
  • Operated by GÉANT on behalf of a VO
  • Single-tenant service
  • Somebody (a legal entity) must take responsibility for that data

Basic Services
• VO Membership service
  • Registry for the VO persistent identifier
  • VO-specific workflows for onboarding
  • Limited set of attributes
  • Accessible through eduGAIN
• Transparent External Identity Proxy (TEIP)
  • One persistent (SAML) IdP for many 'Guest' identity providers, including:
    • Social (Google, Twitter, LinkedIn, Facebook)
    • NREN-operated & commercial guest IdPs (OpenIDP, UnitedID.org, eduID.se)
    • e-GOV (STORK) and BankID
  • SaToSa
  • Provides account recovery
  • Available and accessible through eduGAIN

VOPaaS Basic Services Offering Architecture (diagram; labels: Service Provider, COmanage, VOOT, SAML AA, OAuth, VOPaaS, AuthN: Id + attributes, IdP, TEIP, VO persistent identifier + VO attributes, eduGAIN)
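The flow the architecture diagram sketches, as an added illustration that is not VOPaaS, COmanage or SATOSA code: the IdP (or a guest IdP behind the TEIP) supplies authentication and identity attributes only; the proxy derives a stable, pairwise persistent identifier; the VO membership registry is keyed on that identifier and supplies the VO attributes and groups the SP authorizes on. The entityIDs, subjects, group names and the HMAC-based identifier scheme are constructed assumptions for this example.

```python
import hmac
import hashlib

# Constructed sample data for the illustration; none of it comes from VOPaaS.
PROXY_SECRET = b"constructed-teip-salt"

# What a home IdP (or a social IdP behind the TEIP) asserts: identity only,
# no VO groups. That gap is what the VO membership service fills.
IDP_ASSERTION = {
    "issuer": "https://idp.example.edu/idp",  # hypothetical IdP entityID
    "subject": "alice@example.edu",
    "attributes": {"displayName": "Alice", "mail": "alice@example.edu"},
}


def persistent_vo_id(issuer, subject, secret=PROXY_SECRET):
    """Stable, non-reversible identifier the proxy/registry keys VO data on.
    Keyed on (issuer, subject), so the same subject string asserted by two
    different IdPs yields two distinct VO identities (assumed scheme)."""
    msg = f"{issuer}!{subject}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


# VO membership registry (COmanage-like), keyed on the persistent VO identifier.
VO_REGISTRY = {
    persistent_vo_id(IDP_ASSERTION["issuer"], IDP_ASSERTION["subject"]): {
        "voPersonID": "vo0001",
        "groups": ["vo:members", "vo:storage-admins"],
    }
}


def aggregate(assertion, registry=VO_REGISTRY):
    """Merge the IdP's authentication attributes with the VO attributes and
    groups held in the registry. A user who authenticated but was never
    onboarded into the VO gets no groups, so authorize() denies."""
    pid = persistent_vo_id(assertion["issuer"], assertion["subject"])
    vo = registry.get(pid, {"voPersonID": None, "groups": []})
    return {"persistentId": pid, **assertion["attributes"], **vo}


def authorize(session, required_group):
    """SP-side decision based solely on VO-issued group membership,
    never on anything the home IdP asserted."""
    return required_group in session["groups"]
```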

Advanced Services
• (Advanced) attribute management: whatever you can come up with
• (Advanced) group management: groups in groups, etc.
• Provisioning: for web and non-web resources, 'application specific connectors'
• Service proxy and attribute aggregation: have a central point for technology and policy
• Accessible through eduGAIN

What's in it for R&E communities and Federation Operators
• For R&E communities
  • Deploying AAI is complex and subject matter experts are required
  • Using VOPaaS as an AAI service offering will save time and effort
  • R&E communities should focus on their research topics, rather than building AAI solutions
• For Federation Operators
  • Many federation operators don't have a way to support collaborative organisations in which their communities are participating
  • They can direct their communities to the VOPaaS offering
  • Federation operators can still have a role in the VOPaaS delivery model:
    • Support for enabling SPs to interconnect with the VOPaaS platform is needed
    • Approve/sponsor requests for the VOPaaS offering, initiated from their communities

Roadmap
• Q3 2016
  • Delivery model
  • Deploy pilot platform
• Q4 2016
  • Run pilots with Basic Services, in collaboration with AARC
  • Support application integrations
• 2017
  • Production service for Basic Services
  • Finalise specification for Advanced Services
• 2018
  • Deploy pilots for Advanced Services
  • Possibly: pick up new services as developed within GÉANT, AARC or others

Join the VOPaaS pilot!
Interested in joining the VOPaaS pilot, or have any queries? Contact us: vopaas@lists.geant.org

Thank you